Research released this week by Evans Data showed that 73 percent of the market currently use or plan to adopt the [url=http://en.wikipedia.org/wiki/Spring_framework]Spring application framework for Java[/url] within the next two years. More remarkable is that 83 percent of companies with 500 or more developers use Spring, according to the study[/url]. So I thought it would be a good time to speak with Rod Johnson, CEO and founder of [url=http://www.springsource.com/]SpringSource[/url], and author of the open source framework that some in the Java community view as a superior alternative to [url=http://en.wikipedia.org/wiki/Enterprise_JavaBean]EJB[/url]. [quote] [B]EddieC[/B]: Why do you think Spring adoption has become so …

Member Avatar
Member Avatar
+0 forum 1

The Advanced Research Team of security tools vendor Ounce Labs has identified two vulnerabilities in the Spring framework for Java. The vulnerabilities have the potential, the team says, to allow an attacker to “subvert the expected application logic and behavior,” and gain control of an application and access any personal data, credentials or keys held therein. The vulnerabilities, called “ModelView Injection” and “Data Submission to Non-Editable Fields,” are unlike common flaws such as cross site scripting and SQL injection attacks. “These newly discovered class[es] of vulnerabilities are not security flaws in the framework, but are actually design issues that if …

Member Avatar
Member Avatar
+0 forum 1

The End.